Don't waste your time with HEX digits.
Start here:
...and end up here:Code:0000000000
in your search for the WPA default keys.Code:9999999999
I have a theory on the 2WIRE routers....
ok so i've been lurking for a while and now i happen to be getting pretty good with aircrack/cowpatty etc. I can crack wep and the usual wpa's simple now.
So we all know about the att 2wire routers....I was wondering how to crack those WPA keys. I started the run wordlists (on my own uverse 2wire with default key) . All failed. then i found ok so most 2wire's have 10 digit hex keys. (my att uverse 2wire has a sticker on the bottom)
I then compiled this script to create my wordlist
Code://made by karabaja4 #include <stdio.h> #include <stdlib.h> int main(int argc, char** argv) { char format[10]; unsigned long long last = 0; unsigned long long i; if ((argc != 2) || (atoi(argv[1]) > 16)) { printf("\n hex wordlist generator - by karabaja4\n\n"); printf(" usage: ./hwg n > wordlist.txt\n"); printf(" n - number of digits (max 16)\n\n"); exit(0); } sprintf(format, "%s%s%s", "%0", argv[1], "llx\n"); //linux (gcc) //sprintf(format, "%s%s%s", "%0", argv[1], "I64x\n"); //windows (mingw) for (i = 0; i < atoi(argv[1]); i++) last = ((last + 1) * 16) - 1; for (i = 0; i < last; i++) printf(format, i); printf(format, last); return 0; //hooray! }Code:gcc hwg.c -o hwgscript credit user karabaja 4Code:./hwg n > wordlist.txt
now i will run gemk against this and the ssid, then the hash against the captured 4 way handshake.
So in theory, eventually in time this will crack the 2WIRE's with the default 10 digit hex key.
I'm going to try running it against my handshake this weekend when i have more time.
Don't waste your time with HEX digits.
Start here:
...and end up here:Code:0000000000
in your search for the WPA default keys.Code:9999999999
You. Are. Doing. It. Wrong.
-Gitsnik
Don't they use the MAC address or serial number by default? That makes the key space a lot smaller.
how would i do that?Originally Posted by kidFromBigD
serial #, i forget how they do it but they at least somehow i know the serial is integrated into the default key, which i know for sure, by default on the att 2WIRE's is 10 digits.`
Let's work that edit button there OP.
Its one of the rules you want to uphold.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
Plenty of stuff out there about using crunch to generate a bunch of passwords, and then piping the output to pyrit, cowpatty, aircrack-ng or whatever.
You. Are. Doing. It. Wrong.
-Gitsnik
I did my stint at Bellsouth back when the original 2wire modems came out.... the serial is in fact the wep key by default or at least they used to be.... if tech support changed it it would be the users phone number....
actually I do not remember if the serials were numbers only..... I was thinking they were not.... but it has been a while
yes, the default 2wire keys are only 10 digit numbers...
once we have the .txt file, how to we go about brute forcing a router??
thanks
Posting Permissions